CVE-2018-15687

Опубликовано: 26 окт. 2018

Источник: debian

EPSS Низкий

Описание

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
systemd	fixed	239-11		package
systemd	not-affected		stretch	package
systemd	not-affected		jessie	package

Примечания

https://bugs.chromium.org/p/project-zero/issues/detail?id=1689
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796692
https://github.com/systemd/systemd/pull/10517

EPSS

Процентиль: 56%

0.00345

Низкий

Связанные уязвимости

CVE-2018-15687

CVSS3: 7

ubuntu

почти 7 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

CVE-2018-15687

CVSS3: 6.3

redhat

почти 7 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

CVE-2018-15687

CVSS3: 7

nvd

почти 7 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

CVE-2018-15687

CVSS3: 7

msrc

около 5 лет назад

Описание отсутствует

GHSA-wxcv-623q-99fj

CVSS3: 7

github

больше 3 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

EPSS

Процентиль: 56%

0.00345

Низкий